Posts Tagged ‘removable drive’

New worm infects removable drives.

Jun

2013

Yet another worm that infects removable drives was discovered. The Win32/SillyAutorun.FTW was recently found in the wild. The worm is written with Microsoft Visual Studio and uses injection engine – worm’s code overwrites the original code in memory. When it runs on infected machine, it firstcopies itself to %ApplicationData%\E-73473-3674-74335\msnrsmsn.exe; where %ApplicationData% is application data folder […]

Category General Written by GLOBAL SECURITY ADVISOR RESEARCH BLOG 0 Comments

The strange case of Gamarue propagation

Feb

2013

We have seen variants of Worm:Win32/Gamarue spread via removable drives in the past, but recent variants have adopted a more convoluted method of spreading involving several components. Let’s take a look at one. For this variant of Worm:Win32/Gamarue, we start with an infected removable drive, for example a USB flash drive. Our infected example drive […]

Category General Written by Microsoft Malware Protection Center 0 Comments

Smoke and mirrors and Win32/Phorpiex

Nov

2012

This month one of the families introduced to MSRT is Win32/Phorpiex, a worm that spreads via removable drives and has IRC controlled backdoor functionality. In most respects Phorpiex is another worm, with typical command and control via IRC as well as spreading via removable drives. Like many other malware it usually does this by using […]

Category General Written by Microsoft Malware Protection Center 0 Comments

The Latest in IT Security

Posts Tagged ‘removable drive’

New worm infects removable drives.

The strange case of Gamarue propagation

Smoke and mirrors and Win32/Phorpiex

Categories

Featured

Archives

Latest Comments

About Us

Contact Us